Published work

iBoss blog: Implementing Better Email Authentication Systems

To provide better spam and phishing protection, a number of ways to improve on email message authentication have been available for years, and are being steadily implemented. However, it is a difficult path to make these methods work. Part of the problem is because there are multiple standards and sadly, you need to understand how these different standards interact and complement each other. Ultimately, you are going to need to deploy all of them.

You can read my latest blog for iBoss here to find out more.

Read More
iBoss blog: What Is WAP Billing and How Can It Be Exploited?

An old scam to separate people from their money has been gaining more popularity. It uses a cellphone protocol called WAP billing to steal your money. You have a hint from its name that it has something to do with wireless network protocols, but the idea is to save folks some time when they want to pay for something online by having the charges go directly on the user’s phone bill. I explain the exploit and how it is being used in my latest blog post for iBoss here. One infection point is a “battery optimizer” app that conceals the WAP billing trojan.

Read More
HPE blog: What developers can learn from the best museum designers about UX

Inspiration on how to improve user experience can come from many places. Here’s how some top museum high-tech exhibits explain data, using interesting visualizations or a combination of senses. I look at examples from the St. Louis City Museum, the Springfield Ill Lincoln Museum and the Chopin Museum in Warsaw (shown here) for examples.

You can read my article in HPE’s Enterprise.Nxt blog here.

Read More
iBoss blog: Understanding the Differences Between Anonymity and Privacy

Balancing anonymity and privacy isn’t an either/or situation. There are many shades of gray, and it is more of an art than science. Making sure your users understand the distinction between the two terms and setting their appropriate expectations of both should be a critical part of any job managing IT security.

Most users when they say they want anonymity really are saying that they don’t want anyone, whether it is the government or an IT department — to keep track of their web searches and conversations.

However,controlling our privacy is complex: Take a look at the typical controls offered by Twitter. (See the screencap at right.) How can any normal person figure these out?  This post for the iBoss blog discusses these and other issues.

Read More
HPE Enterprise.Nxt: The rise of ransomware

Ransomware is a troubling trend. Novice criminals with little technical savvy and cheap software can generate big payouts and impact enterprise operations. Here’s what you need to know about the changing ransomware landscape. Ransomware happens to be the fifth most common form of malware, and is expected to see a 300 percent increase this year, according to MWR InfoSecurity. 

You can read my analysis here on HPE’s Enterprise.Nxt site. I review some of its history, highlight a few of the recent innovations with ransomware-as-a-service (such as this web dashboard from Satan shown here), and make a few suggestions on how to prevent it from spreading around your company.

Read More
iBoss blog: What is OAuth and why should I care?

The number of choices for automating login authentication is a messy alphabet soup of standards and frameworks, including SAML, WS-Federation, OpenID Connect, OAuth, and many others. OAuth began its life about seven years ago as an open standard that was created to handle authorization by Twitter and Google.Today I will take a closer look at this standard, and you can read the rest of my post on iBoss’ blog here.

Read More
iBoss blog: The Dark Side of SSL Certificates

The world of SSL certificates is changing, as the certs become easier to obtain and more frequently used. In general, having a secure HTTP-based website is a good thing: the secure part of the protocol means it is more difficult to eavesdrop on any conversation between your browser and the web server. Despite their popularity, there is a dark side to them as well. Let’s take a closer look at my iBoss blog post this week.

Read More
iBoss blog: What Is the CVE and Why It Is Important

The Common Vulnerabilities and Exposures (CVE) program was launched in 1999 by MITRE to identify and catalog vulnerabilities in software or firmware and create a free lexicon to help organizations improve their security. Since its creation, the program has been very successful and is now used to link together different vulnerabilities and to facilitate the comparison of security tools and services. You now see evidence of its work by the unique CVE number that accompanies a malware announcement by a security researcher.

In my latest blog post for iBoss, I look at how the CVE got started and where it used and the importance it plays in sharing threat information.

Read More
Why You Need to Deploy IPv6: It Is All about Performance and Security

You have heard the arguments for using IPv6 for decades, but here is a novel reason: it is all about getting better network performance. A recent study from Cloudflare’s network operations shows that an IPv6 network can operate 25ms to 300ms faster than over an IPv4 network. That isn’t theory: that is what they actually observed. These numbers are corroborated with studies from LinkedIn and Facebook, although Sucuri did a test last year that shows about the same in terms of web surfing.

Part of the debate here has to do with what constitutes performance. But an all-IPv6 network can also boost your security, if it is implemented correctly and carefully. In my latest post for iBoss’ blog, I tell you why.

Read More
CSO Online: As malware grows more complex, protection strategies need to evolve

The days of simple anti-malware protection are mostly over. Scanning and screening for malware has become a very complex process, and most traditional anti-malware tools only find a small fraction of potentially harmful infections. This is because malware has become sneakier and more defensive and complex.

In this post for CSO Online sponsored byPC Pitstop, I dive into some of the ways that malware can hide from detection, including polymorphic methods, avoiding dropping files on a target machine, detecting VMs and sandboxes or using various scripting techniques. I also make the case for using application whitelisting (which is where PC Pitstop comes into play), something more prevention vendors are paying more attention to as it gets harder to detect the sneakier types of malware.

Read More
1 2 3 77